Retrieving User properties from Active Directory

A PowerShell module for Active Directory was released with PowerShell 2.0, the version that shipped with Server 2008 R2. This module includes several cmdlets that let you work directly with Active Directory objects. In this blog post, we will look at retrieving user properties and attributes from Active Directory, with the Get-Aduser cmdlet. We will also look at how to present them in a clean and tidy format in Microsoft Excel.

We will of course have to import active directory module into a PowerShell console first.

import-module activedirectory

Then we can start retrieving user properties.
If you run the following command, you can see a list of all user related properties/attributes that are available to the get-user cmdlet

get-aduser username -properties *

(This screenshot has been cut at the CN property, but totally many more properties are listed as well)

By running this command you can get the properties you define for all users in a an OU (and for users in it’s child OUs)

In this command I am retrieving the name, samaccountname and userprincipalname properties for all users in the User Accounts OU, and presenting them in a table format. At the end I am piping the result to a text file. By setting searchscope to 1, I will limit the search to only that OU. If I wanted to include all of it’s child OUs, I would have just omitted the searchscope parameter.

Ok, so you have been given the task to retrieve, for example, the following information for all users in your domain;Full name, username, E-mail address, office, and all groups the user is member of. Its also a requirement that the information must be presented in table format in Microsoft Excel. This is how you can go about to achieve that.